FTC Ruling in Wyndham Case

FTC Ruling in Wyndham Case

A Game Changer for Compliance and Data Security

As certain events take place and we see them unfold, we know some of them are instant “game changers.” So here is one that could rock the world of many companies out there: on Monday, the federal appeals court ruled in the Wyndham security breach case,

that the Federal Trade Commission (FTC) has authority under section 5 of the FTC Act to regulate “unfair” data security practices without engaging in formal rulemaking. Basically, the FTC now has the green light to pursue enforcement action against Wyndham Worldwide after the hotel chain suffered a trio of breaches back in 2009. Talk about major fines coming up for these folks. This is an interesting development on the heals of news that the SEC will not fine Target for it’s data breach. Things that make you go hmm…

FTC Chairwoman Edith Ramirez said in a statement that the “decision reaffirms the FTC’s authority to hold companies accountable for failing to safeguard consumer data,” noting it is “critical” the commission “has the ability to take action…when companies fail to take reasonable steps to secure sensitive consumer information.” The key word here is REASONABLE.

This is major news. In case you are still wondering what it has to do with you, think about it this way: if you don’t take precautions to protect the data of your customers — the data you are hosting — and as a result you get breached, you now have the possibility of the federal government coming down on you. This is in addition to all the other major consequences associated with data breaches that will be staring you directly in the face.

It’s up to each and every company to ensure that they are doing all they can to have the proper safeguards in place.

With these recent game-changing developments in policy and regulation, staying compliant and secure has never been more important. At Cavirin, we live and breathe this mantra every day, with full passion and unwavering determination. My team and I are bullish about our mission to help companies of all sizes and in all industry verticals, stay compliant and secure. Enabling them to protect their data, inside and outside of the container, whether in the cloud, on premise, or both. Our Automated Risk Analysis Platform (ARAP) is the only solution on the market that can do this, without the need to spend big on security resources and heavy-weight, difficult to implement platforms. Check us out, take us for a test drive, and learn how we are helping other companies pass their audits, automate their security and compliance posture, and reduce operating costs.

About Cavirin

Cavirin is the only organization that delivers cyberposture intelligence for the hybrid cloud by providing real-time risk & cybersecurity posture management, continuous compliance, further integrating security into DevOps.